{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,8]],"date-time":"2025-05-08T04:47:02Z","timestamp":1746679622914},"reference-count":17,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,9]]},"DOI":"10.1109\/iscisc.2017.8488361","type":"proceedings-article","created":{"date-parts":[[2018,10,11]],"date-time":"2018-10-11T22:31:28Z","timestamp":1539297088000},"page":"19-24","source":"Crossref","is-referenced-by-count":3,"title":["WAVE: Black Box Detection of XSS, CSRF and Information Leakage Vulnerabilities"],"prefix":"10.1109","author":[{"given":"Hamed","family":"Soleimani","sequence":"first","affiliation":[]},{"given":"Mohmmad Ali","family":"Hadavi","sequence":"additional","affiliation":[]},{"given":"Arash","family":"Bagherdaei","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref10","article-title":"Automatic Detection of Second-Order Cross-Site Scripting Vulnerabilities","author":"korscheck","year":"2010","journal-title":"diploma thesis"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/IWSESS.2009.5068456"},{"key":"ref12","first-page":"160","article-title":"An execution-flow based method for detecting cross-site scripting attacks","author":"zhang","year":"2010","journal-title":"Software Engineering and Data Mining (SEDM) 2010 2nd International Conference on"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/ICS.2016.0060"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2557547.2557550"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2013.6671300"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2010.12"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/PST.2012.6297927"},{"year":"0","key":"ref4","article-title":"The Web Application Security Consortium"},{"key":"ref3","first-page":"186","article-title":"Analysis of effectiveness of black-box web application scanners in detection of stored SQL injection and stored XSS vulnerabilities","author":"mohammad","year":"2015","journal-title":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)"},{"year":"0","key":"ref6","article-title":"XSS Filter Evasion Cheat Sheet"},{"key":"ref5","article-title":"A methode for discovering information flow in web application in order to detecting stored XSS","author":"soleimani","year":"2016","journal-title":"2016 13th ISCISC"},{"year":"0","key":"ref8","article-title":"Broken Web Applications Project"},{"year":"0","key":"ref7","article-title":"Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet"},{"year":"0","key":"ref2","article-title":"The Web Application Security Consortium"},{"year":"0","key":"ref1","article-title":"OWASP Top 10 Application Security Risks"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/NCA.2014.53"}],"event":{"name":"2017 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC)","start":{"date-parts":[[2017,9,6]]},"location":"Shiraz","end":{"date-parts":[[2017,9,7]]}},"container-title":["2017 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8472118\/8488334\/08488361.pdf?arnumber=8488361","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,26]],"date-time":"2022-01-26T21:43:54Z","timestamp":1643233434000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8488361\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,9]]},"references-count":17,"URL":"https:\/\/doi.org\/10.1109\/iscisc.2017.8488361","relation":{},"subject":[],"published":{"date-parts":[[2017,9]]}}}